H3C SecPath F1800-A Operation Manual page 554
H3c secpath f1800-a firewall
Hide thumbs
Also See for H3C SecPath F1800-A:
- Installation manual (13 pages) ,
- Operation manual (30 pages)
Table of Contents
Advertisement
Operation Manual - VPN
H3C SecPath F1800-A Firewall
# Enter IKE peer view.
[SecPath] ike peer a
# Assign an IP address for the IKE peer.
[SecPath-ike-peer-a] pre-shared-key abcde
[SecPath-ike-peer-a] remote-address 202.38.162.1
# Return to system view.
[SecPath-ike-peer-a] quit
# Create an IPSec policy with negotiation mode as isakmp.
[SecPath] ipsec policy map1 10 isakmp
# Quote the IKE peer.
[SecPath-ipsec-policy-isakmp-map1-10] ike-peer a
# Quote IPSec proposal.
[SecPath-ipsec-policy-isakmp-map1-10] proposal tran1
# Quote ACL.
[SecPath-ipsec-policy-isakmp-map1-10] security acl 3101
# Return to system view.
[SecPath-ipsec-policy-isakmp-map1-10] quit
# Enter configuration view of the Ethernet interface.
[SecPath] interface ethernet 2/0/0
# Assign the IP address to the Ethernet interface.
[SecPath-Ethernet2/0/0] ip address 202.38.163.1 255.255.255.0
# Apply the IPSec policy group on the Ethernet interface.
[SecPath-Ethernet2/0/0] ipsec policy map1
# Return to system view.
[SecPath-Ethernet2/0/0] quit
2)
Configuring Router B
# Configure an ACL; define data stream from subnet10.1.2.x to subnet 10.1.1.x.
[SecPath] acl number 3101
[SecPath-acl-adv-3101] rule permit ip source 10.1.2.0 0.0.0.255 destination
10.1.1.0 0.0.0.255
[SecPath-acl-adv-3101] rule deny ip source any destination any
# Configure the static route to PC A.
[SecPath] ip route-static 10.1.1.0 255.255.255.0 202.38.163.1
# Create IPSec proposal by the name of tran1.
[SecPath] ipsec proposal tran1
7-74
Chapter 3 IPSec Configuration
Advertisement
Chapters
Table of Contents
Troubleshooting
Need help?
Do you have a question about the H3C SecPath F1800-A and is the answer not in the manual?